OTORIO Authorized as CNA by Common Vulnerabilities and Exposures Program

OTORIO Authorized as CNA by Common Vulnerabilities and Exposures Program

14 Nov 2023


OT Cybersecurity Provider Certified to Identify and Catalog Publicly Disclosed Vulnerabilities


Tel Aviv, Israel – November 15, 2023OTORIO, the leading provider of operational technology (OT) cyber and digital risk management solutions, today announced that it has been authorized as a CVE Numbering Authority (CNA) by the Common Vulnerabilities and Exposures (CVE®) Program. This prestigious designation allows OTORIO to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities, contributing to the global effort to enhance cybersecurity awareness and strengthen digital defenses.

The CVE Program is an international, community-driven initiative that relies on partnerships with organizations worldwide, including industry, academic, and government representatives, to discover, define and catalog cybersecurity vulnerabilities. CVE numbers, assigned and published by CNAs like OTORIO, are unique identifiers for specific cybersecurity issues, enabling consistent communication and collaboration among information technology and security professionals. CVE Records published in the catalog empower stakeholders to rapidly identify vulnerabilities, ensuring timely and effective responses to potential security threats.

"Our authorization as a CVE Numbering Authority is a testament to our ongoing commitment to cybersecurity excellence," said Eran Jacob, Head of Research at OTORIO. "We are honored to join the CVE community and play a vital role in identifying and addressing cybersecurity vulnerabilities. This partnership aligns with our mission to create a safe, autonomous world by providing accurate and consistent information about cybersecurity issues."

OTORIO can now provide customers and partners with more comprehensive and up-to-date information about cybersecurity vulnerabilities, enabling them to respond effectively to potential threats and contributing to their overall cybersecurity posture. This designation underscores OTORIO's commitment to cybersecurity excellence and its dedication to enhancing digital defenses.

OTORIO has established a dedicated advisory page where the company will regularly update information about reported vulnerabilities. For more information about OTORIO's CVE Numbering Authority status and to access the latest advisories, please visit OTORIO’s vulnerability disclosure webpage.



OTORIO has pioneered an industrial-native OT security platform that enables its customers to achieve an integrated, holistic security strategy for industrial control systems (ICS) and cyber-physical systems (CPS). Together with its partners, OTORIO empowers operational security practitioners to proactively manage cyber risks and ensure resilient operations. 

The company's platform provides automated and consolidated visibility of the entire operational network, enabling companies to take control of their security posture, eliminate critical risks, and deliver immediate business value across the organization. OTORIO's global team combines the extensive mission-critical experience of top nation-state cyber security experts with deep operational and industrial domain expertise. To learn more, visit OTORIO.com.


About CVE

The mission of the Common Vulnerabilities and Exposures (CVE®) Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. There is one CVE Record for each vulnerability in the catalog. The vulnerabilities are discovered then assigned and published by organizations from around the world that have partnered with the CVE Program. Partners publish CVE Records to communicate consistent descriptions of vulnerabilities. Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue, and to coordinate their efforts to prioritize and address the vulnerabilities.